IPMediumSignal 68/100
212.30.37.134
Location
NetherlandsRotterdam, ENG
ASN
AS137409
GSL Networks
First Seen
Mar 10, 2023
Last Seen
Jun 9, 2026
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
68%
Signal Score
68 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryNetherlands
NetherlandsRegionRotterdam, ENG
ASNAS137409
OrganizationGSL Networks
IP Category
⟲
Proxy
Proxy server
⊕
VPN
VPN exit node
Feed Intelligence Summary
11 reports68% confidence
11
Source reports
68%
Confidence score
Category tags
accessactive scanactive scanningattackaustraliabad web botbotnetbotnet activitybrute forcebrute force attackbrute-forcec2 communicationc2 servercommand & controlcommand and controlcommunication protocolcompromised hostcompromised systemcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingcvedata encryptiondata exfiltrationdata store exposuredatabase securityddosddos attackdecoy systemdenial of servicedionaea honeypotdistributed attacksdnsdns attackemailencryptioneuropeexploitexploitation activityfattftpftp brute forceftp brute-forcegithubgroupshackinghoneytrap honeypothttp scannerhttpsidentity & access exploitationimapinfected hostinformation technologyinfrastructure acquisitionreconnaissanceinjection activityinjection attacksit infrastructurelamplateral movementmailoney honeypotmalicious activitymalicious linksmalicious softwaremalwaremalware behaviourmalware capturemalware distributionmssqlnetherlandsnetworknetwork enumerationnetwork protocolnetwork scanningnetwork securitynloceaniaopen proxyp0fpassword attacksphishingphishing attackphishing trappotential malicious activityprocess injectionprotocol exploitationproxypythonreconnaissanceremote accessremote servicesresearchedresource hijackingscannerscriptsensor-taggedsentrypeer botnetserver exploitationservice enumerationsftpsftp attackslugsmtpsmtp brute forcesocial engineeringsoftware developmentsql injectionsshssh attackssh monitoringsurface webt1018t1021t1021.001t1021.002t1021.004t1040t1041t1055t1059t1059.003t1059.004t1071t1071.001t1076t1077t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.001t1486t1496t1499.001t1499.002t1499.003t1505.002t1563t1565t1566.001t1566.002t1566.003t1566.004t1573t1573.001t1587.001t1590.001t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodetpotunauthorized access attemptsunidentified attackerunited kingdomvnc protocolvoipvoip attackvpnvulnerability scanweb app attackweb application attackweb exploitationweb securityweb traffic
Activity Timeline
Jun 9Jun 9
Threat Activity Heatmap
· Peak: 2026-06-09LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
68
SIGNAL
Signal Score
68%
Confidence
11
Reports
First seenMar 10, 2023
Last seenJun 9, 2026
GeolocationNL
CountryNetherlands
LocationRotterdam, ENG
ASNAS137409
OrgGSL Networks
Coords51.5064, -0.0200
ProxyVPN
VirusTotal
Not checked
WHOIS
- description
- Unknown source type: h0neytr4p
- raw
- inetnum: 212.30.37.0 - 212.30.37.255 netname: GSL_Networks country: NL admin-c: AM36404-RIPE tech-c: AM36404-RIPE abuse-c: AVCN1-RIPE status: ASSIGNED PA mnt-by: MNETS-MNT mnt-by: Mnets-Admin created: 2022-01-22T10:23:53Z last-modified: 2024-06-20T17:34:53Z source: RIPE person: Assaf Murr address: Zalka Amarit Chalhoub Ain Street Salloum BLDG. Ground Floor 961 3 644884 phone: +961 1 895665 nic-hdl: AM36404-RIPE mnt-by: Mnets-Admin created: 2015-01-05T23:33:16Z last-modified: 2015-01-05T23:33:16Z source: RIPE # Filtered route: 212.30.37.0/24 origin: AS137409 mnt-by: MNETS-MNT mnt-by: Mnets-Admin created: 2022-01-20T17:57:10Z last-modified: 2022-01-20T17:57:10Z source: RIPE
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 3 years ago · Last seen 13 days ago
Appeared in 11 threat reports